Automatic registration and generation of consumer payment credentials using internet-connected appliances

ABSTRACT

Methods and systems for generating consumer payment credentials using an Internet-connected appliance. In an embodiment, a primary Internet-connected appliance receives purchase transaction information from a secondary appliance. The process also includes generating a purchase transaction authorization request based on purchase transaction information and on payment account credential data that is stored locally in a dedicated storage element, transmitting the purchase transaction authorization request via the Internet to a gateway server computer, receiving a purchase transaction authorization response, and transmitting the purchase transaction authorization response via a domestic network to the secondary appliance for display to a consumer.

CROSS REFERENCE TO RELATED APPLICATION

This application is a continuation of U.S. patent application Ser. No.13/963,141 filed on Aug. 9, 2013, which claims the benefit of andpriority to U.S. Provisional Patent Application No. 61/681,929, filedAug. 10, 2012, which applications are incorporated herein by referencefor all purposes.

FIELD OF THE INVENTION

This application generally relates to electronic commerce, and inparticular to methods, systems and apparatus for automaticallyregistering cardholders, and for allowing the cardholders toconveniently and securely purchase products and/or services online byusing Internet-connected appliances, such as a set-top box (STB).

BACKGROUND OF THE INVENTION

The Internet has changed the way in which consumers shop and purchaseproducts and services. In particular, consumers desire easy access tomerchants' offerings and convenient and secure methods of payment forgoods and services. It is common for households to have one or moreelectronic devices connected to the Internet via cable-type modems orDSL-modems and/or routers, which may provide wired or wireless Internetaccess. For example, many household entertainment devices (e.g.,television sets, set-top boxes (STB's), and game consoles) as well ashome automation systems and appliances (e.g. refrigerators, securitysystems and the like) are currently connected to the Internet andconfigured to receive content for display and/or to obtain informationfrom consumers. Some of these Internet-connected devices (including theDSL modems and/or cable-type modems and/or routers) include ports and/orconnectors that can be used to plug in peripheral devices such as areader device, and some recently manufactured Internet-connected devicesinclude an integrated reader device.

A need exists for systems and methods that facilitate remote purchasing(or other interactions) scenarios for consumers utilizing, for example,an Internet-connected household appliance such as a television orrefrigerator, whereby such systems and methods provide for automaticallygenerating consumer credentials (such as consumer payment credentials).There is also a need for systems and methods for setting up a proxyand/or alias locally (for example, at an Internet-connected householddevice) which removes the need for storing payment card account details(or other financial account details) anywhere outside of a paymentsystem.

BRIEF DESCRIPTION OF THE DRAWINGS

Features and advantages of some embodiments, and the manner in which thesame are accomplished, will become more readily apparent with referenceto the following detailed description taken in conjunction with theaccompanying drawings, which illustrate exemplary embodiments (notnecessarily drawn to scale), wherein:

FIG. 1A is a block diagram illustrating an automatic registration andpayment system according to an embodiment of the invention;

FIG. 1B is a block diagram illustrating another embodiment of anautomatic registration and payment system according to the invention;

FIG. 1C is a block diagram of an Internet-connected appliance inaccordance with an embodiment of the invention;

FIG. 2A is a flowchart illustrating a cardholder registration process inaccordance with the invention;

FIG. 2B is a flowchart illustrating a cardholder transaction processaccording to an embodiment of the invention;

FIG. 3A is block diagram illustrating a payment credential proxyregistration and payment system according to an embodiment of theinvention;

FIG. 3B is block diagram illustrating another embodiment of a paymentcredential proxy registration and payment system according to theinvention;

FIG. 4 is a flowchart illustrating a consumer transaction processutilizing the system of FIG. 3A and/or the system of FIG. 3B accordingto an embodiment of the invention;

FIG. 5A is a block diagram of a system for permitting a consumer topurchase goods and/or services via at least one secondaryInternet-connected device according to an embodiment of the invention;and

FIG. 5B is a block diagram of a system for permitting a consumer topurchase goods and/or services via at least one secondaryInternet-connected device according to another embodiment of theinvention.

Like reference numbers in the drawings indicate like elements.

DETAILED DESCRIPTION

In general, and for the purpose of introducing concepts of novelembodiments described herein, provided are systems, apparatus andmethods for automatically registering and/or lodging payment credentialsfrom an EMV or EMV-like payment card or other payment device into abusiness or domestic or household Internet-connected appliance. (EMV isa global standard for interoperation of integrated circuit (IC) cardsalso known as “chip cards” and IC compatible devices for authenticatingcredit and debit card payments.) Once registered, processes aredescribed for allowing a consumer or cardholder to conveniently andsecurely purchase products and/or services online by using one or moreof his or her Internet-connected appliance(s). Such systems, apparatusand methods can be modified for use in other environments, for example,for use business environments or government environments.

In some embodiments, registration is performed by utilizing anInternet-connected household appliance or device. The householdappliance can include an integrated reader or an externally-attachedreader, which reader is configured to read the payment credentials of,for example, a payment card via a chip, magnetic stripe, a contactlessprotocol, near-field communications (NFC), Bluetooth, or infrared (IR)protocol. In some cases, the consumer may manually key-in some or all ofthe payment credentials by using the household appliance. In someembodiments, the consumer is prompted to execute a CardholderVerification Method (CVM) (e.g., by entering a PIN or a passcode). Afterthe consumer has registered his or her household appliance and paymentaccount(s), the requisite data is stored locally so that subsequentpurchases via that same appliance (for example, from a Set-Top Box (STB)and/or from an Internet-enabled television (TV)) can easily andautomatically occur by the consumer (who is, in some embodiments, apayment card account holder or cardholder) simply calling upon thelocally stored payment and cardholder credentials. This allows theregistered cardholder to avoid having to go through a manual check-outprocess for online purchase transactions involving theInternet-connected appliance.

In another aspect, systems and methods are described herein for settingup and/or utilizing a proxy or alias locally (for example, at thehousehold appliance) which removes the need for storing payment cardaccount details (or other financial account details) anywhere outsidethe payment system. In such a system, the proxy could be transmitted forauthentication by the payment infrastructure. If it is valid, the proxyis then converted into the original payment account format and thetransaction is transmitted to an issuer financial institution for makingthe authorization decision. In some embodiments, the proxy is linked tothe original financial account by a secure server in the paymentinfrastructure which validates the proxy and converts the transaction tothe original financial or payment account. Such a process avoidsimpacting the issuer of the original payment account while offeringsecurity in the sense that a third party is responsible for verifyingthat the proxy was authenticated as part of the purchase transactionrequest. Once again, after the consumer has gone through theregistration process with his or her household appliance and paymentaccount(s), for subsequent purchases via that same appliance, thecardholder can simply utilize the locally stored payment and cardholdercredentials. Such a process allows the consumer to avoid having to gothrough a manual check-out process when conducting an online purchaseusing that Internet-connected appliance.

In yet another aspect, described are systems and processes for one ormore Internet connected primary appliances (such as a television (TV),set-top box (STB), Cable Modem, household router, and the like) offeringa payment capability to other Internet capable and/or Wifi-enabled (orotherwise capable of wireless communication) secondary appliances ordevices that are operably connected to a domestic network or to abusiness network. In implementations of this aspect, a consumer firstregisters one or more payment accounts by providing his or her paymentcredentials by following one of the methods described herein, but itshould be understood that other mechanisms and/or methods that involvelodging of payment credentials in an Internet-connected appliance couldbe used. In some embodiments, wireless communications occur between theprimary and secondary appliances or devices within a local (domestic orbusiness) network. In a first implementation, a secondary applianceoperably connects to a primary appliance (which may be thought of asperforming the functions of a payment server) to request the paymentcredentials (for example, a primary account number (PAN), a CVC, anexpiration date, and the like, associated with a payment card account)and associated cryptograms and/or tokens (e.g., an authorization requestcryptogram (ARQC), a one-time password (OTP), and the like). Once thepayment credentials and cryptogram information is obtained, then thesecondary appliance may handle the payment transaction directly bytransmitting a purchase request to a payment network, for example. Inanother implementation, the secondary appliance submits the purchasetransaction details (for example, the product name and/or productidentifier (such as a SKU), the amount or purchase price, a merchantidentifier, and the like) to the primary appliance (for example, a STBfunctioning as a payment server), and the primary appliance then handlesthe payment transaction directly with the payment network. In thisscenario, the primary appliance generates the payment credentials (e.g.,the PAN, the CVC, and the like) and the associated cryptograms and/ortokens; adds this information to the purchase order and/or basket; andsubmits an authorization request and/or purchase transaction request.

Novel aspects are described herein with regard to a television (TV) (forexample, a digital flat-screen television) and/or with regard to aset-top box (STB) and/or with regard to a smart refrigerator in adomestic or private environment. However, it should be understood thatthe systems and methods are equally applicable in many other types ofenvironments and with many other types of Internet-connected appliancesor devices. For example, the systems and methods described herein couldbe used in a government, public, private, household and/or businessenvironment. Thus, the systems and methods could be modified, forexample, to accommodate the hospitality industry that conventionallyutilizes an “account number on file” system. In such a hospitalityenvironment, the systems and methods described herein can beadvantageously utilized to set up a full-service environment that wouldminimize security risks and reduce costs associated with processing andprotecting sensitive data related to hotel guests, for example. Otherexamples of business or public environments in which the describedmethods and systems may advantageously be used include, but are notlimited to, vending businesses, parking garage businesses andgovernmental agencies, such as the department of motor vehicles (DMV).Various other benefits and advantages may be realized and/or becomeapparent by adapting the systems and methods described herein for use insuch public, private, household, business and/or governmentenvironments.

Accordingly, embodiments of the systems and methods described hereinserve to shift a portion of the processing of data concerning paymentaccount transactions into a combination of a central server and aconsumer appliance (such as a set-top box (STB), a television (such as aflat-screen television), a refrigerator, a microwave oven, and the like)to facilitate online payment transactions.

FIG. 1A is a block diagram illustrating an automatic registration andpayment system 100 according to an embodiment that allows a consumer toutilize a household Internet-connected appliance to register paymentcredentials, and then to conveniently select and purchase productsand/or services via an online shopping experience. In this example, aconsumer utilizes a remote control device 102 to control a TV 104 and/ora set-top box (STB) 106 (the Internet-connected applicance), wherein theSTB 106 includes a storage device 108 and a reader 110. The consumer isa cardholder who has a first payment card “Card1” 112 and second paymentcard “Card2” 114. As shown, the STB 106 is operably connected to theInternet 116, which may be via a cable-type modem or a DSL-type modem ora router (not shown). A gateway server 118 is also operably connected tothe Internet 116 and to a payment network 120. The gateway server 118may be part of the payment infrastructure along with the payment network120, or may be associated with a third party payment service provider(PSP). Also shown are Merchant1 Server 122, Merchant2 Server 124 andMerchantN Server 126, which are each operably connected to the Internet116. The merchant servers 122, 124 and 126 represent a plurality ornumber “N” of different businesses offering a plurality of differentproducts and/or services.

In some embodiments, the consumer or cardholder enters data concerninghis payment cards 112 and 114 into the STB 106 by having them read bythe integrated reader 110 associated with the STB 106, wherein thereader is mechanically and/or electronically capable of reading EMV-typedata. For example, if the payments cards 112 and 114 are proximitypayment cards, then the consumer may tap each of the proximity cardsnear the reader (by tapping each card at a designated location and whenprompted to do so during a registration process) to enter data storedwithin those proximity payment cards. In other embodiments, the readermay be configured to read a magnetic stripe on one or more payment cards(for example, the consumer may be prompted to “swipe” his or her paymentcard by inserting it into a slot associated with the reader and thenremoving it). In some embodiments, the reader may be configured toutilize a PayPass™ process (as promulgated by MasterCard InternationalIncorporated), or an NFC-type process or other contactless-type processto read the data from the payment cards. In yet other embodiments, theconsumer may be required to utilize the remote control 102 to manuallykey-in at least a portion of the payment account registration data intothe STB 106 by utilizing a keyboard (not shown) provided on a display ofthe TV 104.

Thus, in some embodiments the reader 110 of the STB 106 reads card dataand then the STB generates and transmits an online registration requestto the gateway server 118, during which the payment card(s) and/or thecardholder are authenticated. In addition, in some embodiments, thecardholder may be prompted to provide a Personal Identification Number(PIN) or to conduct some other consumer verification method (CVM). Forexample, the cardholder may provide a PIN by using the keypad of theremote control 102, or provide a fingerprint utilizing a fingerprintscanner (not shown), or provide some other type of biometric data (suchas an iris scan) using other devices (not shown). Accordingly, in someembodiments, the TV 104 may include an input device that could beutilized by the consumer to enter information, for example, a separatekeypad or the screen of the TV could be a touchscreen that enables dataentry. It should be understood that Card1 112 and Card2 114 may havebeen issued by different issuer financial institutions, and thus, thecardholder may be required to provide or enter different types of dataduring a registration process that may be dependent on issuer policiesor protocols or regulations, and/or may depend on the type of paymentcard account.

Referring again to FIG. 1A, the registration request is routed to thepayment network 120 via the gateway server 118, which payment networkincludes payment infrastructure (e.g., acquirer server computers and/orissuer server computers and the like, which are not shown) that respondsto the registration request. Upon approval, the STB 106 stores theconsumer's payment credentials locally in a dedicated storage element108 (which may be a portion of a hard drive that is housed within theSTB 106). The consumer payment credentials that are locally stored mayinclude a Primary Account Number (PAN), a CVC code, an expiration date,the cardholder name and the like data. In some embodiments, the systemmay prompt the cardholder to choose a passcode or to confirm a parentalcontrol passcode. Such operation serves to allow various family membersto safely use their individual cards and/or accounts when shopping, aswell as control the use of the system by other family members, if sodesired. In some embodiments, the STB 106 prompts the cardholder toenter the billing and/or shipping address details which data are thenstored in the same dedicated storage element or dedicated storagelocation in the local storage device 108 to enable a completelyautomatic check-out process. In some other embodiments, the STB 106prompts the cardholder to register additional payment cards, which mayfollow the method explained above. In this case, the STB may function toprompt the cardholder to confirm the previously entered billing and/orshipping address details that have already been entered, rather thanrequire re-entry of such data for each payment account.

In some embodiments, the STB 106 and television 104 enables thecardholder to browse and/or review his or her list of registered paymentcards (which may include credit card accounts, debit card accountsand/or pre-paid card accounts), and also may enable the consumer toselect one or more preference settings for his or her payment cardaccounts. For example, Card1 112 may be set as the default payment cardaccount that will be utilized for most online purchase transactions, andCard2 114 may be set as the payment card account that is to be used whenordering food online from a restaurant. In addition, the STB 106 mayenable the cardholder to delete, add, and/or change preferentialordering of the payment card account data in the dedicated storageelement.

FIG. 1B is a block diagram illustrating another embodiment of anautomatic registration and payment system 130 according to anembodiment, which is similar to that of FIG. 1A. In particular, thesystem 130 also allows a consumer to utilize a householdInternet-connected device to register payment credentials, and then toconveniently select and purchase products and/or services via an onlineshopping experience. Once again, the consumer (who is a cardholder whohas a first payment card “Card1” 112 and second payment card “Card2”114) utilizes the remote control device 102 to control the TV 104 and/orthe STB 106, wherein the STB 106 includes a storage device 108 and areader 110. As shown, the STB 106 is operably connected to the Internet116, which may be via a cable-type modem or a DSL-type modem or a router(not shown), and the gateway server 118 is also operably connected tothe Internet 116. In the system 130, the gateway server 118 is operablyconnected to payment network 120 and to each of the merchant servers122, 124 and 126, which represent a plurality or number “N” of differentbusinesses offering a plurality of different products and/or services.As mentioned above, the gateway server 118 may be part of the paymentinfrastructure along with the payment network 120, or may be associatedwith a third party payment service provider (PSP).

In order to register, the consumer (cardholder) enters data concerninghis payment cards 112 and 114 into the STB 106 by tapping each of themonto the vicinity of the integrated reader 110 (which is mechanicallyand/or electronically capable of reading EMV-type data). As mentionedabove, in some implementations the reader may be configured to read amagnetic stripe on one or more payment cards (for example, the consumermay be prompted to “swipe” his or her payment card by inserting it intoa slot associated with the reader and then quickly removing the card).In some other embodiments, the reader may be configured to utilize aPayPass™ or NFC-type process or other contact or contactless-typeprocess to read the data from the payment cards. In yet otherembodiments, the consumer may be required to utilize the remote control102 to manually key-in payment account registration data into the STB106.

Therefore, in this example the reader 110 of the STB 106 reads card dataand then the STB generates and transmits an online registration requestto the gateway server 118, via the Internet 116, during which time thepayment card(s) and/or the cardholder are authenticated. In someimplementations, the cardholder is prompted for a PersonalIdentification Number (PIN) or to conduct another type of CVM. Forexample, he or she may enter via a PIN via a keypad on the remotecontrol 102. (In some embodiments, the TV may include an input devicethat could be utilized by the consumer to enter information, forexample, the screen of the television could be a touchscreen thatenables data entry.) It should be understood that Card1 112 and Card2114 may have been issued by different issuer financial institutions, andthus the cardholder may be required to provide or enter different typesof data during a registration process that may be dependent on issuerpolicies or protocols or regulations, and/or may depend on the type ofpayment card account.

The registration request is routed to the payment network 120 via thegateway server 118, which network includes payment infrastructure (e.g.,acquirer server computers and/or issuer server computers and the like,which are not shown) that responds to the registration request. Uponapproval, the STB 106 stores the consumer's payment credentials locallyin a dedicated storage element 108 (such as a portion of a hard drivethat is housed within the STB 106). The consumer payment credentialsthat are locally stored may include a Primary Account Number (PAN), aCVC code, an expiration date, the cardholder name and the like data. Insome embodiments, the system may prompt the cardholder to choose apasscode or to confirm a parental control passcode. Thus, various familymembers can safely use the STB and their individual cards and/oraccounts when shopping, as well as control the use of the system byother family members, if so desired. In some embodiments, the STB 106prompts the cardholder to enter the billing and/or shipping, addressdetails which are then stored in the same dedicated storage element ofthe local storage device 108 to enable a completely automatic check-outprocess. In some other implementations, the STB 106 prompts thecardholder to register additional payment cards, which may follow themethod explained above. In this case, the STB may function to prompt thecardholder to confirm the previously-entered billing and/or shippingaddress details that have already been entered, rather than requirere-entry of such data for each payment account.

As also mentioned above, the STB 106 and television 104 may enable thecardholder to browse and/or review his or her list of registered paymentcards (which may include credit card accounts, debit card accountsand/or pre-paid card accounts), and also may enable the consumer toselect one or more preference settings for his or her payment cardaccounts. For example, the consumer may be permitted to set Card1 112 asthe default payment card account for use in most online purchasetransactions, and to set Card2 114 as the payment card account that isto be used when ordering food online from a restaurant. In addition, theSTB 106 may enable the cardholder to delete, add, and/or changepreferential ordering of the payment card account data in the dedicatedstorage element.

FIG. 1C is a block diagram of an embodiment of a household or businessInternet-connected appliance 150, such as the set-top box (STB) 106 ofFIGS. 1A and 1B. The Internet-connected appliance or device may includeconventional components in its hardware aspects, but may be controlledby software to cause it to operate in accordance with aspects of themethods presented herein. In particular, the Internet-connectedappliance may include a computer processor 152 operatively coupled to anInternet connector component 154, a reader component 156, one or moreinput components 158, a receiver 160, one or more output connectors 162,one or more output component(s) 163, and a storage device 164. Examplesof Internet-connected appliances include, but are not limited to, a STB,a flat-panel television, a microwave oven, a refrigerator, a thermostat,and the like, which may be household devices and/or business devices.

The computer processor 152 may constitute one or more conventionalprocessors. Processor 152 operates to execute processor-executablesteps, contained in program instructions described herein, so as tocontrol the Internet-connected device 150 to provide desiredfunctionality.

Internet connector component 154 may be used to facilitate wired orwireless communication with, for example, other devices, such as arouter or cable modem. The Internet connector component 154 may also,for example, have capabilities to permit data communications over theInternet and/or via conventional computer-to-computer data networks, andsuch data communications may be in digital form and/or in analog form.

The reader component 156 may be a magnetic stripe reader, an NFC-typereader, another type of proximity reader, or any other type of readerthat is mechanically and/or electronically capable of reading EMV-typedata. Thus, the reader component may include a slot (not shown) forinserting a magnetic stripe payment card so that it can be read, and/ormay include a surface or area that a cardholder utilizes to tap his orher proximity payment device or to bring his or her proximity paymentdevice nearby in order to communicate information.

The input component(s) or input device(s) 158 may comprise one or moreof any type of peripheral device typically used to input data. Forexample, the input device 158 may include a keypad and/or a touchpad ortouchscreen that may be used, for example, by a cardholder for inputtingcardholder data, or a PIN, or to input other information.

The receiver 160 may be operable or configured to receive data and/orinstructions from, for example, a remote control device (not shown). Thereceiver may receive, for example, cardholder information, a PIN, and/ora selection of goods or services. The output connector(s) 162 may beconfigured to connect the Internet-connected appliance to, for example,a flat screen display (such as a flat screen television) or some otherperipheral output device such as a printer to provide desiredfunctionality. The output component(s) may include visual and/or audiocomponents, such as an LCD screen, LED screen and/or audio speaker(s)configured to provide information, for example, to a cardholder.

Storage device 164 may comprise any appropriate information storagedevice, including combinations of magnetic storage devices (e.g.,magnetic tape and/or hard disk drives), optical storage devices such asCDs and/or DVDs, and/or semiconductor memory devices such as RandomAccess Memory (RAM) devices and Read Only Memory (ROM) devices, solidstate drive (SSD) devices, and/or flash memory devices. Any one or moreof the listed storage devices may be referred to as a “memory”,“storage”, a “storage medium”, or a “computer readable medium.” Inaddition, the storage devices are configurable and/or capable of storinginstructions, code and/or data, including instructions configured tocause the processor 152 to execute one or more of the processesdescribed herein. Thus, the storage device 164 stores one or moreprograms for controlling the processor 152, and the programs compriseprogram instructions that contain processor-executable process steps ofthe Internet-connected device 150, including, in some cases, processsteps that constitute processes provided in accordance with principlesof the processes presented herein.

The application programs stored in the storage device 164 may include aregistration or enrollment application 166 that manages processes bywhich cardholders register or enroll one or more of their paymentaccounts (such as credit card accounts and/or debit card accounts) witha payment system in accordance with the processes disclosed herein. Forexample, the registration program may prompt a cardholder to enter dataconcerning his payment card accounts by having them read from, forexample, one or more payment devices by the reader component 156. Insome embodiments, the cardholder may be prompted to enter cardholderdata by using one or more input devices 158 to manually key-in at leasta portion of the payment account registration data, and/or to provide apassword, or a PIN, or biometric data (for example, a fingerprint orretina scan) in accordance with one or more CVM requirements.

The storage device 164 also stores a purchase transaction application168, an operating system 170, dedicated storage element 172, and one ormore databases 174. The purchase transaction application 168 isconfigured to control the processor 152 to conduct purchase transactionsin accordance with the methods described herein. The stored operatingsystem 170 may include device drivers, database management software, websoftware, and the like, and is configured to allow theInternet-connected device 150 to function as described herein. Inaddition, the dedicated storage element 172, which may be a securestorage area within the storage device, may be utilized to storecardholder credentials in a secure manner. Lastly, the storage device164 may include one or more databases 174 that are maintained by theInternet-connected device 150, which may include, for example, amerchant database and a cable television provider database.

The application programs of the Internet-connected device 150, asdescribed above, may be combined in some embodiments, as convenient,into one, two or more application programs.

FIG. 2A is a flowchart 200 illustrating a cardholder registrationprocess in accordance with some embodiments. For example, a cardholdermay utilize an Internet-connected device of the system 100 of FIG. 1A orthe system 130 of FIG. 1B to register one or more payment card accounts.In particular, an Internet-connected device (such as a STB, aflat-screen television, a refrigerator or microwave or other kitchenappliance, and the like) reads 202 payment device data (such as apayment card account number, an expiration date, a CVC code, acardholder name, and the like) from one or more payment devices (such asa payment enabled telephone, a proximity card, a magnetic stripe card,and the like). A registration application of the Internet-connecteddevice recognizes that the consumer has not yet registered with theautomatic payment credential system, and thus generates 204 aregistration request and transmits the registration request to a gatewayserver for processing. The gateway server processes the data in theregistration request (which includes the cardholder's payment devicedata), in some embodiments, by contacting one or more issuer financialinstitutions (FIs) to confirm that the payment account(s) of theconsumer are active and/or are eligible for use in the system. If all isin order, in some embodiments the Internet-connected device thenreceives 206 a cardholder verification method (CVM) request and promptsthe cardholder to provide the requisite response (such as entry of aPIN), which the cardholder had previously set up with his or her issuerfinancial institution. The cardholder may provide the requisite responseby, for example, using a touchpad connected to the Internet-connecteddevice, and the Internet-connected device then transmits 208 thecardholder's response to the gateway server. If all is in order (forexample, the transmitted PIN was correct to authenticate thecardholder), then in step 210 cardholder authentication was received,and the Internet-connected device stores 212 the cardholder's paymentcredentials in dedicated storage. In some embodiments, theInternet-connected device prompts 214 the cardholder to enter a passcodefor future purchases (which may be used by parents, for example, tocontrol purchases by their children from household Internet-connecteddevices). The Internet-connected device then receives 216 and stores thepasscode, and the process then ends 218. For future purchasetransactions from the Internet-connected device (as described below),the cardholder will be required to enter only his or her passcode toconsummate a purchase transaction.

Referring again to FIG. 2A, if in step 210 the cardholder was notauthenticated, then the Internet-connected device displays 220 aregistration failure message (which may include a suggestion tore-apply). The process then ends 218.

Thus, the consumer registers one or more payment accounts with thesystem, and payment account data and other data is stored locally, forexample, in a secure location or dedicated storage element of thestorage device 108 of the STB 106 of FIGS. 1A and 1B (or the dedicatedstorage element 172 of the Internet-connected device 150 shown in FIG.1C). Thus, in an implementation the consumer may utilize the remotecontrol 102 with the STB 106 to view images of products and/or services(not shown) offered on a merchant website and displayed on the displayscreen of the TV 104. In some embodiments, a cable-TV provider mayprovide a “virtual mall” composed of icons for viewing on the TV and forselection by the consumer (not shown), which enables a plurality ofmerchants to offer various products and services that the consumer maychoose to purchase. For example, offerings may include local goodsand/or services, food for delivery and/or to take-out. The cable-TVprovider may also offer pay-per view programs, viewer value packs and/orshort-term viewing subscriptions for purchase by the consumer. In someembodiments, the virtual mall has a modular-type structure with icons orplaceholders representing different types of goods and/or services. Forexample, a digital media icon may be provided that represents music,games, and gambling services, and it may be displayed near or next to adirect response shopping icon that represents programs, commercials andinfomercials. When an icon is selected, that particular icon may vanishand be replaced by a plurality of different icons that each represent,for example, a different merchant offering in a particular category (forexample, “fast food takeout” choices), for viewing on the TV screen andselection by the consumer.

FIG. 2B is a flowchart illustrating a cardholder transaction process 250utilizing the system 100 of FIG. 1A and/or the system 130 of FIG. 1B inaccordance with embodiments described herein. In an implementation, aSTB receives 252 a selection (for example, from a consumer utilizing aremote control device) of a product or service, such as an order for apizza delivery, and then receives 254 a purchase instruction orindication. In some embodiments, the STB 106 recalls the cardholder'sstored payment credentials and billing address details for each paymentcard account that has been registered and stored locally (which may bemultiple payment cards) and that are available for cardholder selectionas the means of payment. The consumer or cardholder makes a choice ofpayment card account (not shown) and, in some embodiments is thenprompted 256 to enter his or her unique PIN or passcode beforeconfirming transaction completion. In some embodiments, the consumerindicated a default payment card account designated for use in suchtransactions during enrollment, and in this case the process does notinclude a payment card selection by the cardholder.

Referring again to FIG. 2B, the STB next prompts 256 the cardholder toenter his or her passcode, and if the passcode is correct 258 then theSTB retrieves 260 payment data and generates a purchase transactionrequest. The STB 106 then transmits 262 the consumer's purchasetransaction request via the Internet 116 to the gateway server 118 whereit is routed to the payment network 120 and routed to the relevant cardissuer. In some embodiments, the payment network 120 may include amultiplicity of server computers including the gateway server 118 and aplurality of issuer financial server computers (not shown) that operatein a substantially conventional manner to identify and authorize paymentcard account transactions, and may also include acquirer servercomputers (not shown) associated with the merchants for receivingpayments. In addition, in some implementations the order for the pizzadelivery is routed via the Internet 116 to a local merchant server 124for fulfillment after the payment request has been authorized.

With regard to the purchase transaction request, if all is in order(which may mean that the cardholder has adequate funds and/or creditassociated with the payment account to pay for the transaction, and thatthe PIN and/or other CVM data transmitted with the purchase transactionrequest matches the PIN and/or other CVM data on file for that paymentcard account) then the payment network 120 authorizes the purchasetransaction and generates an authorization response and/or favorabletransaction response for transmission by the gateway server 118. Thus,in some embodiments, the STB 106 receives 264 a transaction responsemessage from the gateway server and then displays 265 a transactionmessage to the consumer that indicates either that the purchasetransaction was authorized or that it was denied. In someimplementations, the gateway server 118 may also transmit the purchasetransaction request and the authorization response to the appropriatemerchant server, such as the merchant server 124, for example (which isassociated with “Joe's Pizza Place”, for example) so that that merchantcan be aware of the pizza order, fulfill the order and be paid for thepizza (the ordered item). In the system 100 of FIG. 1A, the gatewayserver 118 would transmit the transaction request and the authorizationresponse via the Internet 116 to the appropriate merchant server. In thesystem 130 of FIG. 1B, the gateway server 118 is operably connected toeach of the merchant servers 122, 124 and 126 and thus, would directlytransmit the purchase transaction request and the authorization responseto the appropriate merchant server for order and payment processing.

Referring again to FIG. 2B, if in step 258 the passcode entered by theconsumer was incorrect, then the STB displays 268 a passcode errormessage to the consumer and determines 270 whether or not a passcoderetry threshold has been reached. If the passcode retry threshold hasbeen reached, then the process ends 272. However, if the retry thresholdhas not been reached, then the process branches back and the STB prompts256 the consumer again for his or her passcode. The passcode retrythreshold may be set, for example, to allow three entries before endingthe process, and ending the process under these circumstances mayinclude displaying an initial webpage of a merchant or an initialshopping display screen (but in any case, it will be clear to theconsumer that the purchase transaction was not consummated).

It should also be understood that, with regard to FIGS. 1A and 1B, aspart of the registration process and/or purchase transaction process,the location of and/or an identifier associated with the consumer'shousehold device (such as the STB 106 or TV 104) may also be transmittedto the gateway server 118 for association with the payment accountinformation, which can add an additional layer of security to thesystem. For example, the consumer's cable provider may associate aunique serial number to each STB in their cable system so that, in someembodiments, that unique STB identifier could be an indication of theorigin (a consumer's home and/or household device) of a purchasetransaction request. The unique STB identifier thus provides anadditional data point that raises the confidence level for an issuerthat a purchase transaction request originated from a particularconsumer (cardholder) and/or a particular consumer Internet-connecteddevice. In some embodiments, instead of a unique serial number, theinternet protocol (IP) address of the consumer's device could be used asan indication of the location of the consumer's household device and/ororigin of a purchase request. Such operation is advantageous from asecurity standpoint because it is relatively easy to obtain and utilizesuch a unique serial number and/or IP address, the use of such anidentifier is transparent to the consumer, and such operation increasesthe confidence level that the purchase transaction was initiated by theconsumer associated with the payment account.

FIG. 3A is block diagram illustrating a payment credential proxyregistration and payment system 300 that allows a consumer to utilize anInternet-connected device to register proxy payment credentials, andconveniently select and purchase products and/or services via a secureonline shopping experience. In this example, a consumer utilizes aremote control device 102 to control a TV 104 and/or a STB 302, whereinthe STB 302 includes a secure element (SE) 304 and a reader 306. The SE304 may be a secure storage location of a storage device (such as asecure partition of a hard drive) or may be a separate storage devicethat is integrated within the STB 302 (and in some embodiments, may beintegrated within the TV 104). Alternately, the SE 304 may be in theform of a SIM card, USB dongle, SD card, micro-SD card, and the likeform factor that may be operably connected to the STB 302 or TV 104. Inany case, the SE 304 is configured for locally and securely storingpayment account data read by the reader 306, and in some embodiments forlocally and securely storing manually-entered payment account data.

The automatic registration and payment system 300 permits simple paymenttransactions (and other forms of transactions and/or interactions) to beeasily and securely processed against a financial account, via a proxyor alias set up during a registration process. In particular, a secureserver links the proxy to the original financial or payment account inthe payment infrastructure that functions to validate the proxy whenrequired, and the secure server is also operable to convert a receivedproxy associated with a given purchase transaction to the originalfinancial account. Such processing avoids any impact on the accountissuer and offers enhanced security because, in some embodiments, athird party verifies and/or authenticates the proxy as part of thetransaction request (which will be described below).

Referring again to FIG. 3A, in this example the cardholder has twopayment accounts with the first associated with a first payment card“Card1” 112 and the second associated with a second payment card “Card2”114. As shown, the STB 302 is operably connected to the Internet 116,which may be via a cable-type modem or a DSL-type modem or a router (notshown). A gateway server 118 is also operably connected to the Internet116 and to a validation and translation server 308, which in turn isoperably connected to a payment network 310. The gateway server 118,validation and translation server 308 and the payment network 310 mayeach be components of the payment infrastructure. However, in someembodiments, the gateway server 118 and/or the validation andtranslation server 308 are associated with a third party servicesprovider. FIG. 3A also depicts Merchant1 Server 122, Merchant2 Server124 and MerchantN Server 126, which represent a multiplicity of merchantservers, all operably connected to the Internet 116. These merchantservers may each represent different businesses and/or retailersoffering a plurality of different products and/or services.

In some embodiments, to register his or her financial accounts theconsumer or cardholder presents the payment cards 112 and 114 to thecard reader 306 of the STB 106 for reading. In some implementations, theintegrated reader 306 is mechanically and/or electronically capable ofreading EMV-type data from the cards 112 and 114. If the payments cards112 and 114 are proximity payment cards, then the consumer may tap eachof them near the reader 306 (at a designated location and when promptedto do so during a registration process) to obtain data stored withinthose proximity payment cards. In other embodiments, the reader 306 maybe configured to read a magnetic stripe on one or more payment cards, orbe configured to utilize a PayPass™ or NFC-type protocol to read thedata from the payment cards. Thus, the reader 306 of the STB 302 readspayment card data (or other payments means data) that includes, forexample, a PAN, an authorization request cryptogram (ARQC) (or similarcryptographic element), and also reads a proxy element (an alias) fromthe payment card. In some embodiments, the consumer may be required toutilize the remote control 102 to manually key at least some portion ofthe payment account registration data into the STB 302, such as abilling address. The STB 302 then generates and transmits an onlineregistration request via the Internet 116 to the payment infrastructure,which includes the validation and translation server 308, and theregistration request includes all details of the payment card(s)account(s) and the proxy data.

In some embodiments, the proxy is initially generated by an entity suchas a cable operator, television manufacturer or a payments processingprovider. In such cases, a separate validation server (not shown) may beprovided as a validation service by the entity that assigned the proxyto the consumer's device. Such a proxy may be derived from (or consistof) an attribute or characteristic that is built-in or associated withthe consumer's Internet-connected appliance, such as a unit serialnumber (which may include both numbers and letters), aninternet-protocol (IP) address, a model-type number, a manufacturingdate, or combination of such elements, and the like. The proxy may alsobe derived from an attribute or characteristic of the consumer's primaryaccount number (PAN) in association with one or more characteristics orattributes of the Internet-connected appliance. In addition, in someembodiments, the proxy may be created by an entity in a manner thatguarantees that it is a unique identifier (which may be alphanumeric),for example, by use of a random number generator and/or by using a checkprocess (to ensure that such a proxy does not already exist), and/orsome other type of process to ensure uniqueness.

The gateway server 118 may be a central server, and it may function toroute registration and/or transaction requests to the validation andtranslation server 308. The validation and translation server 308 mayfunction to authenticate the proxy data and to translate and/or map itto an actual payment card account, for example, and to transmit thatinformation and an authentication request to an issuer server (notshown) associated with the payment card issuer (financial institution)that issued that particular payment account (for example, the issuer ofCard1 112). In some embodiments, the validation and translation server308 is operated by a third party entity such as a payment serviceprovider (PSP), or an electronic payment network, such as the oneoperated by MasterCard International Incorporated, as part of thepayment infrastructure. Upon approval (for example, validation by boththe validation and translation server and an issuer server), the paymentcredentials (including the payment account data and the proxy data) aresecurely stored, for example, in a database of the validation andtranslation server 308 and/or by the gateway server 118 for use infuture transactions. A response is then transmitted to the STB 302and/or TV 104 regarding the successful registration of the payment cardaccount.

In some embodiments, the system may prompt the cardholder to choose apasscode or to confirm a parental control passcode. Such operationserves to allow various family members to safely use their individualcards and/or accounts when shopping, as well as control the use of thesystem by other family members, if so desired. In some embodiments, theSTB 302 prompts the cardholder to enter the billing and/or shippingaddress details that are then stored in a dedicated storage element of alocal storage device which may be the SE 304 to enable a completelyautomatic check-out process. In some other embodiments, the STB 302prompts the cardholder to register additional payment cards, whichfollow the method explained above. In this case, the STB 302 mayfunction to prompt the cardholder to confirm the previously enteredbilling and/or shipping address details that have already been entered,rather than require re-entry of such data.

In some embodiments, the STB 302 and TV 104 enables the cardholder tobrowse and/or review his or her list of registered payment cards (whichmay include credit card accounts, debit card accounts and/or pre-paidcard accounts), and also may enable the consumer to select one or morepreference settings for his or her payment card accounts. For example,Card1 112 may be set as the default payment card account that will beutilized for most online purchase transactions, and Card2 114 may be setup as the payment card account that is to be used when ordering foodonline from a restaurant. In addition, the STB 302 may enable thecardholder to delete, add, and/or change preferential ordering of thepayment card data in the SE 304.

FIG. 3B is block diagram illustrating a payment credential proxyregistration and payment system 320 that is similar to that of FIG. 3A.In particular, the system 320 also allows a consumer to utilize adomestic Internet-connected device to register payment credentials, andthen to conveniently select and purchase products and/or services via anonline shopping experience. Once again, a consumer utilizes a remotecontrol device 102 to control a TV 104 and/or a STB 302, wherein the STB302 includes a secure element (SE) 304 and a reader 306. The SE 304 maybe a secure storage location of a storage device (such as a securepartition of a hard drive) or may be a separate storage device that isintegrated within the STB 302 (and in some embodiments, may beintegrated within the television 104).

Alternately, the SE 304 may be in the form of a SIM card, USB dongle, SDcard, micro-SD card, and the like form factor that may be operablyconnected to the STB 302 or TV 104. In any case, the SE 304 isconfigured for locally and securely storing payment account data read bythe reader 306, and in some embodiments for locally and securely storingmanually-entered payment account data.

Like the system 300, the automatic registration and payment system 320permits simple payment transactions (and other forms of transactionsand/or interactions) to be easily and securely processed against afinancial account, via a proxy or alias set up during a registrationprocess. In particular, a secure server links the proxy to the originalpayment account in the payment infrastructure that functions to validatethe proxy when required, and the secure server is also operable toconvert a received proxy associated with a given transaction to theoriginal financial account. Such processing avoids any impact on theaccount issuer and offers enhanced security because, in someembodiments, a third party verifies and/or authenticates the proxy aspart of the transaction request (which will be described below).

In the system 320, the cardholder has two payment accounts with thefirst associated with a first payment card “Card1” 112 and the secondassociated with a second payment card “Card2” 114. As shown, the STB 302is operably connected to the Internet 116, which may be via a cable-typemodem or a DSL-type modem or a router (not shown). A gateway server 118is also operably connected to the Internet 116 and to a validation andtranslation server 308, which in turn is operably connected to a paymentnetwork 310. The gateway server 118, validation and translation server308 and the payment network 310 may each be components of the paymentinfrastructure. However, in some embodiments the gateway server 118and/or the validation and translation server 308 are associated with athird party services provider. FIG. 3B also depicts Merchant1 Server122, Merchant2 Server 124 and MerchantN Server 126, which represent amultiplicity “N” of merchant servers, all operably connected to thegateway server 118. These merchant servers may represent differentbusinesses and/or retailers offering a plurality of different productsand/or services.

In some embodiments, to register his or her financial accounts theconsumer or cardholder presents the payment cards 112 and 114 to thereader 304 of the STB 106 for reading. In some implementations, theintegrated reader 304 is mechanically and/or electronically capable ofreading EMV-type data from the cards 112 and 114. If the payments cards112 and 114 are proximity payment cards, then the consumer may tap eachof them near the reader 304 (at a designated location and when promptedto do so during a registration process) to obtain data stored withinthose proximity payment cards. In other embodiments, the reader may beconfigured to read a magnetic stripe on one or more payment cards, or beconfigured to utilize a PayPass™ or NFC-type protocol to read the datafrom the payment cards. Thus, the reader 304 of the STB 302 readspayment card data (or other payments means data) that includes, forexample, a PAN, an authorization request cryptogram (ARQC) (or similarcryptographic element), and also reads a proxy element (an alias) fromthe payment card. In some embodiments, the consumer may be required toutilize the remote control 102 to manually key at least some portion ofthe payment account registration data into the STB 302, such as abilling address. The STB 302 then generates and transmits an onlineregistration request via the Internet 116 to the gateway server 118,which then communicates with validation and translation server 308 andpayment network 310. The registration request includes all details ofthe payment card(s) account(s) and the proxy data.

In some embodiments, the proxy is initially generated by an entity suchas a cable operator, television manufacturer or a payments processingprovider. In such cases, a separate validation server (not shown) may beprovided as a validation service by the entity that assigned the proxyto the consumer's device. Such a proxy may be derived from (or consistof) an attribute or characteristic that is built-in to or associatedwith the consumer's household device, such as a unit serial number, anIP address and the like. In some embodiments, the proxy may be createdby an entity in a manner that guarantees that it is a uniquealphanumeric identifier, for example, by use of a random numbergenerator and/or a checking process may be utilized to compare thegenerated proxy to known proxies (to ensure that such a proxy does notalready exist), and/or another type of process may be used to ensureuniqueness.

The gateway server 118 may be a central server, and it may function toroute registration and/or transaction requests to the validation andtranslation server 308. The validation and translation server 308 mayfunction to authenticate the proxy data and to translate and/or map itto an actual payment card account, for example, and to transmit thatinformation and an authentication request to an issuer server (notshown) associated with the payment card issuer (financial institution)that issued that particular payment account (for example, the issuer ofCard1 112). In some embodiments, the validation and translation server308 is operated by a third party entity such as a payment serviceprovider (PSP), or an electronic payment network, such as the oneoperated by MasterCard International Incorporated, as part of thepayment infrastructure. Upon approval (for example, validation by boththe validation and translation server and an issuer server), the paymentcredentials (including the payment account data and the proxy data) aresecurely stored, for example, in a database of the validation andtranslation server 308 and/or by the gateway server 118 for use infuture transactions. A response is then transmitted to the STB 302and/or TV 104 regarding the successful registration of the payment cardaccount.

In some embodiments, the system may prompt the cardholder to choose apasscode or to confirm a parental control passcode. Such operationserves to allow various family members to safely use their individualcards and/or accounts when shopping, as well as control the use of thesystem by other family members, if so desired. In some embodiments, theSTB 302 prompts the cardholder to enter the billing and/or shippingaddress details that are then stored in a dedicated storage element of alocal storage device which may be the SE 304 to enable a completelyautomatic check-out process. In some other embodiments, the STB 302prompts the cardholder to register additional payment cards, whichfollow the method explained above. In this case, the STB 302 mayfunction to prompt the cardholder to confirm the previously enteredbilling and/or shipping address details that have already been entered,rather than require re-entry of such data.

In some embodiments, the STB 302 and TV 104 enables the cardholder tobrowse and/or review his or her list of registered payment cards (whichmay include credit card accounts, debit card accounts and/or pre-paidcard accounts), and also may enable the consumer to select one or morepreference settings for his or her payment card accounts. For example,Card1 112 may be set as the default payment card account that will beutilized for most online purchase transactions, and Card2 114 may be setup as the payment card account that is to be used when ordering foodonline from a restaurant. In addition, the STB 302 may enable thecardholder to delete, add, and/or change preferential ordering of thepayment card data in the SE 304.

It should also be understood that, with regard to FIGS. 3A and 3B, aspart of the registration process and/or purchase transaction process,the location of and/or an identifier associated with the consumer'sdevice (such as the STB 302 or TV 104) may also be transmitted to thegateway server 118 for association with the card account information toadd an additional layer of security to the system. For example, theconsumer's cable provider may associate a unique serial number to eachSTB in their cable system so that, in some embodiments, that unique STBidentifier could be an indication of the origin (a consumer's home) of apurchase transaction request. The unique STB identifier thus provides anadditional data point that serves to raise the confidence level for anissuer that the purchase transaction originated from a particularconsumer (cardholder). In some embodiments, instead of a unique serialnumber, the internet protocol (IP) address of the consumer's devicecould be used as an indication of the location of the consumer's deviceand/or origin of a purchase transaction request. Such operation isadvantageous from a security standpoint because it is relatively easy toobtain and utilize such a unique serial number and/or IP address, theuse of such an identifier is transparent to the consumer, and suchoperation increases the confidence level that the purchase transactionwas initiated by the consumer who owns the payment account.

FIG. 4 is a flowchart illustrating a cardholder transaction process 400utilizing the system 300 of FIG. 3A and/or the system 320 of FIG. 3Baccording to an embodiment. The consumer utilizes the remote control 102and the STB 302 to view images of products and/or services (not shown)on the display screen of his or her TV 104 in order to decide on aproduct or service to purchase. As mentioned above, a virtual mall maybe provided by the cable-TV provider that includes a plurality of icons(not shown) for viewing by the consumer on the TV screen. The icons areassociated with a plurality of merchants and/or retailers offeringvarious products and services for purchase. For example, offerings mayinclude local goods and/or services and food for delivery and/ortake-out. The cable-TV provider may also offer pay-per view programs,viewer value packs and/or short-term viewing subscriptions. Icons orplaceholders representing different types of goods or services may bedisplayed. For example, a digital media icon may represent music, games,and gambling services, and a direct response shopping icon may representprograms, commercials and infomercials. When selected, a particular iconmay vanish and be replaced by a plurality of different icons associatedwith a particular merchant that represent particular offers forselection by the consumer from that merchant.

Referring again to the example of FIG. 4, the STB 302 receives 402 aproduct selection for purchase, such as a digital music player (to beobtained from an electronics merchant). Next, the STB 302 receives 404the selected payment card account for the purchase transaction, whichthe consumer selected from a list of stored payment card accounts. Inparticular, the STB 302 causes the TV 104 to display the stored paymentcard credentials and billing address and/or shipping address details forselection by the consumer as the means of payment. The consumer orcardholder then makes a choice and, in some embodiments enters his orher unique PIN or passcode (or other CVM) to confirm that he or shewishes the transaction to continue. The STB 302 retrieves the paymentproxy stored in the SE 304, and then transmits 406 the proxy with thetransaction request via the Internet 116 to the gateway server 118 forforwarding to the validation and translation server 308. The validationand translation server 308 determines 408 whether or not the EMVtransaction is valid. If the purchase transaction is not valid in step408, then the STB 302 receives 410 a “transaction denied” response whichthe STB 302 causes to be displayed to the consumer, for example, on thescreen of the TV 104. If the validation and translation server 308determines 408 that the EMV transaction is valid, then the validationand translation server 308 performs a mapping function by translating412 the proxy transaction into a standard payment card accounttransaction and routing it to the issuer of the payment account forauthentication.

Thus, a standard EMV (or EMV-like) purchase transaction request is madeto the payment infrastructure, and the included transaction details aresimilar to that of a standard payment transaction. It should be notedthat communication between the proxy device (STB 302) and the onlineservers (the gateway server 118 and the validation and translationserver 308) may employ protocols other than EMV, for example, which mayinvolve using a static password or dynamic mechanisms. The transactionrequest is therefore routed to the payment infrastructure whichvalidates the SE cryptogram (for example, an ARQC) and associates the SEproxy with a standard payment card PAN before forwarding it to therelevant card issuer.

Referring again to FIG. 4, the issuer (not shown) then determines 414whether or not the payment transaction should be approved. If not, thenthe STB 302 receives 410 a “transaction denied” response which, in someembodiments, the STB 302 causes to be displayed to the consumer on thescreen of the TV 104. If the issuer approves the payment transaction,then the STB 302 receives 416 a “transaction approved” response, whichthe STB 302 causes to be displayed to the consumer on the screen of thetelevision 104.

With regard to the system 300 of FIG. 3A, the gateway server 118 maytransmit the transaction request and a favorable authorization responseto an appropriate merchant server, such as merchant server 126 forexample (which is associated with a merchant store called “ElectronicsCity”, for example) via the Internet 116 so that that merchant canfulfill the order for the digital music player and be paid. But in thesystem 320 of FIG. 3B, the gateway server 118 is operably connected toeach of the merchant servers 122, 124 and 126, and thus, directlytransmits the transaction request and the authorization response to themerchant server 126. In either case, “Electronics City” (the electronicsmerchant) is notified of the purchase order, including the desired item,and is notified of the authorization for payment. Thus, Electronics Citywould respond by shipping the digital music player to the consumer'sshipping address because that merchant is confident that payment will beprovided. In some embodiments, the merchant also contacts the consumer,for example, via email and/or text message, to verify that the item willbe shipped and that payment has been made. The issuer thus processes thepayment transaction request with the knowledge that the paymentinfrastructure has validated the proxy (that is, the proxy ARQC) on itsbehalf, and in some embodiments, the method also includes processing thetransaction in conjunction with a PIN and/or passcode received from theconsumer for added security.

In some embodiments of the systems 300 and/or 320 and/or process 400,the Proxy device and/or protocol is/are based on the EMV standards, butother forms of cryptography could be substituted. In addition, asmentioned above, the Proxy device can be in the form of a USB device, anSD card, a SIM card, a micro-SD card and the like, but in someembodiments it may be fully dematerialized (that is, it may be asoftware construct or application in the SE 304 of the STB 302, forexample). In addition, in some embodiments the validation andtranslation server 308 may be operable to flag “TV transactions” in aspecial manner as part of the payment transaction request message. Suchoperation may be advantageous because it can serve to inform an issuerof the original payment account that the transaction is secure (due tothe proxy device validation process that has been utilized) and in someembodiments, may open the payment transaction to revisions,modifications and/or adjustments. Such revisions, modifications and/oradjustments may concern such criteria as payment guarantees, transactionfees, service fees, and the like affecting, for example, the issuers,third party providers and/or entities handling one or more functions ofthe payment infrastructure.

FIG. 5A is a block diagram of a system 500 for permitting a consumer topurchase goods and/or services via at least one secondaryInternet-connected device according to an embodiment. In this example, a“smart refrigerator” 502 is described as the secondaryInternet-connected device, but it should be understood that many othertypes of devices could be utilized. Details concerning variouscomponents of and methods for operating the smart refrigerator arebeyond the scope of the present disclosure and thus, will not bediscussed in detail herein. For present purposes, it is sufficient thatthe reader understands that the smart refrigerator includes one or moresensors capable of and/or configured to keep track of food items storedtherein and/or to self-monitor conditions within the refrigerator tomake sure it is functioning properly, and further, that the smartrefrigerator is capable of communicating with the STB 302 via a domesticnetwork 506 (which, for example, may include a household router and/or acable modem (not shown) configured for wireless communications).

Referring again to FIG. 5A, the smart refrigerator 502 may include atouch screen 504 for displaying a list of food items contained thereinand for use by a consumer to order items that he or she prefers and/orneeds. The smart refrigerator 502 is also configured to communicate withthe payment network infrastructure 508 via the Internet 116. Forexample, if the smart refrigerator 502 recognizes that the consumer hasrun out of milk, it may be configured to request a payment card listfrom the STB 302 via the domestic network 506. (In this case, it isassumed that the STB 302 has already been utilized to register one ormore payment accounts as described herein with regard to FIGS. 1A to 4.)The STB 302 may then operate to transmit a list of all of the registeredor enrolled payment card accounts, and displays the list on thetouch-screen 504 for selection of a payment account by the consumer. Insome embodiments, the smart refrigerator may be configured toautomatically select and/or utilize a particular payment card account(such as a default payment card account) for us in a particular type ofpurchase transaction, in which case the list of payment card accountsneed not be displayed. Next, in some embodiments, the smart refrigerator502 requests the payment credentials and a cryptogram from the STB 302,and the STB 302 responds by transmitting the requested credentials (forexample, the PAN, an expiration date and a CVC code, and the like) andthe associated cryptogram to the smart refrigerator 502. The smartrefrigerator then submits (with or without further input from theconsumer) an authorization request to the payment network infrastructure508 via the Internet 116, wherein the authorization request may first berouted to a PSP and/or acquirer server (not shown). A process similar tothat described above concerning authorization of the payment cardaccount may occur, and then an authorization response may be transmittedback to the smart refrigerator 502 that includes either an approval ordecline transaction message, which may be displayed on the display 504for viewing by the consumer.

FIG. 5B is a block diagram of a system 510 for permitting a consumer topurchase goods and/or services via at least one secondaryInternet-connected device in accordance with another embodiment. As inthe example of FIG. 5A, a smart refrigerator 502 is the secondaryInternet-connected device, but it should be understood that many othertypes of Internet-capable devices could be utilized. As also mentionedabove, details concerning various components of and methods foroperating the smart refrigerator are beyond the scope of the presentdisclosure and thus, will not be discussed in detail herein.

Referring again to FIG. 5B, as in FIG. 5A the smart refrigerator 502 mayinclude a touch screen 504 for displaying a list of food items thatneeds to be ordered. Such a list may include purchase details such asthe product name(s), the cost of each product, and the merchant(s) fromwhich to make the purchase(s). In the system 510, the smart refrigerator502 is configured to communicate with the STB 302 via the domesticnetwork 506 and functions to submit the purchase details to the STB 302.In some embodiments, the STB 302 automatically selects a payment cardaccount and/or automatically utilizes a default payment card account toconstruct an authorization request. In other embodiments, the consumermay be prompted by the smart refrigerator and/or by the STB 302 (forexample, by the STB 302 displaying a choice of payment accounts on atelevisions screen) to select a payment account to use for a particularpurchase transaction.

Once a payment account is chosen, the STB 302 prepares a purchasetransaction authorization request that includes the payment accountcredentials (for example, the PAN, an expiration date and a CVC code,and the like) and, in some embodiments, an associated cryptogram orone-time password (OTP) and the purchase details (products, amount,merchants and the like). When the purchase transaction authorizationrequest is ready, the STB 302 transmits the request via the Internet 116to the payment network infrastructure 508, wherein the authorizationrequest may first be routed to a PSP and/or and acquirer server (notshown). A process similar to that described above concerningauthorization of the payment card account may occur, and then anauthorization response is delivered back to the smart refrigerator 502that includes either an approval or a decline transaction message.

While the above scenarios described with regard to FIGS. 5A and 5Bconcern a smart refrigerator as the secondary device being utilized in adomestic household environment, it is contemplated that otherimplementations could include other types of Internet-capable devicesoperating in other types of environments, such as in a public setting.For example, the processes described herein may be configured for use inParking Garages wherein a central Payment Server interacts with adriver's smartphone to facilitate payment of parking fees. In anotherexample, a system may be designed for use in hotel environments whereincardholders may use, for example, their mobile phones to immediatelyengage with an electronic door lock (which may contain a payment serverconnection) to their hotel room. Such operation enables a fullyautomated check-in process wherein cardholders do not need to registerat a front desk in order to obtain a room. Instead, the cardholderswould be able to go straight to a hotel room and open the lock (whenthat hotel room is both unoccupied and housekeeping has made itavailable for use), and circuitry within the lock itself operates toimmediately exchange payment credential data that can be utilized forautomatic check-out purposes.

It is contemplated that a hotel system capable of operating in the abovedescribed manner would also be able to transmit a list of availablehotel rooms upon request to the mobile telephone of a prospective hotelguest, for example, upon the arrival of the prospective hotel guest ontothe grounds of the hotel. Such operation would permit thatconsumer/hotel guest to simply walk up to an available room and gainentry via his or her smartphone. Yet another environment in which suchsystems and methods may be advantageously employed is in the field ofvending machines.

In addition, the local payment server (which may be the STB, forexample, or another Internet-enable device) could be incorporated intothe cable modem of a household, or into the router of a domestic orbusiness environment, for example. Other possibilities includeintegrating the payment server into a home automation system, or into analarm system, or into a similar system to enable any domestic WiFiand/or Internet-capable device to piggy-back on one or more paymentcredentials through a payment server interaction. Thus, the systems andprocesses described herein facilitate registration and online purchasetransactions for consumers, and may also facilitate registration andother types of transactions for business owners, employees and the like.

As the term “payment transaction” is used herein and in the appendedclaims, it should be understood to include the types of transactionscommonly referred to as “purchase transactions”, which may be inconnection with electronic commerce (e-Commerce) transactions that mayinvolve payment card accounts and/or payment card systems. In addition,the term “payment card” or “payment card account” as used herein mayrefer to, for example, credit card accounts, debit card accounts,pre-paid card accounts or other financial accounts.

The above descriptions and illustrations of processes herein should notbe considered to imply a fixed order for performing the process steps.Rather, the process steps may be performed in any order that ispracticable, including simultaneous performance of at least some steps.

Although the present invention has been described in connection withspecific exemplary embodiments, it should be understood that variouschanges, substitutions, and alterations apparent to those skilled in theart can be made to the disclosed embodiments without departing from thespirit and scope of the invention as set forth in the appended claims.

What is claimed is:
 1. A method for generating consumer paymentcredentials during a purchase transaction using an Internet-connectedappliance comprising: receiving, by a primary Internet-connectedappliance via a domestic network from a secondary appliance, purchasetransaction information comprising a product or service selection, apurchase price amount, and a merchant identifier; generating, by theprimary Internet-connected appliance, a purchase transactionauthorization request based on the purchase transaction information andon payment account credential data that is stored locally in a dedicatedstorage element of the primary Internet-connected appliance;transmitting, by the primary Internet-connected appliance on behalf ofthe secondary appliance, the purchase transaction authorization requestvia the Internet to a gateway server computer; receiving, by the primaryInternet-connected appliance from the gateway server computer, apurchase transaction authorization response; and transmitting, by theprimary Internet-connected appliance, the purchase transactionauthorization response via the domestic network to the secondaryappliance for display to a consumer.
 2. The method of claim 1, furthercomprising, prior to generating the purchase transaction authorizationrequest: transmitting, by the primary Internet-connected appliance viathe domestic network to the secondary appliance for display on a displayscreen, a plurality of payment card accounts for selection by theconsumer; and receiving, by the primary Internet-connected appliance viathe domestic network from the secondary appliance, a selection of one ofthe plurality of payment card accounts for use in the purchasetransaction.
 3. The method of claim 1, further comprising, prior toreceiving the purchase transaction information: reading, by a readerdevice associated with the primary Internet-connected appliance, paymentaccount credential data from at least one payment device of theconsumer; transmitting, by the primary Internet-connected appliance viathe Internet to the gateway server computer, a cardholder registrationrequest comprising the payment account credential data and proxy dataderived from an attribute associated with the primary Internet-connectedappliance; receiving, by the primary Internet-connected appliance fromthe gateway server computer, a cardholder verification request;prompting, by the primary Internet-connected appliance, the consumer torespond to the cardholder verification request; transmitting, by theprimary Internet-connected appliance via the Internet to the gatewayserver computer, a response received from the consumer; receiving, bythe primary Internet-connected appliance, a cardholder authenticationmessage and an indication of successful registration of the cardholder'spayment account; prompting, by the primary Internet-connected appliance,the consumer to enter billing and shipping address data; and storing, bythe primary Internet-connected appliance, the payment account credentialdata in the dedicated storage element of the primary Internet-connectedappliance.
 4. The method of claim 3, further comprising, subsequent totransmitting the consumer response to the gateway server computer:receiving, by the primary Internet-connected appliance via the Internetfrom the gateway server computer, a negative cardholder authenticationmessage; and displaying, by the primary Internet-connected appliance ona display screen, a registration failure message to the consumer.
 5. Themethod of claim 1, wherein transmitting the purchase transactionauthorization request further comprises transmitting, by the primaryInternet-connected appliance to the payment gateway computer, a uniqueidentifier associated with the primary Internet-connected appliance. 6.The method of claim 5, wherein the unique identifier of the primaryInternet-connected appliance comprises at least one of a serial numberand an internet protocol (IP) address.
 7. The method of claim 1, whereinthe payment account credential data comprises at least two of acardholder name, a primary account number (PAN), an expiration date, aCardholder Verification Code (CVC), billing and shipping address data,or proxy data.
 8. The method of claim 1, wherein the primaryInternet-connected appliance comprises one of a set-top box (STB), aflat-screen television, a microwave oven, and a refrigerator.
 9. Themethod of claim 1, wherein the primary Internet-connected appliancecomprises a smartphone of the consumer.
 10. The method of claim 9,wherein the secondary appliance comprises one of a parking garage gateor a hotel room lock.
 11. A transaction system comprising: a domesticnetwork; a primary Internet-connected appliance operably connected tothe domestic network; a secondary appliance operably connected to thedomestic network and configured for communication with the primaryInternet-connected appliance; and a gateway server computer operablyconnected via the Internet to the primary Internet-connected appliance;wherein the primary Internet-connected appliance comprises a processor,a reader device operably connected to the processor, an internetconnector component operably connected to the processor, and a storagedevice including a dedicated storage element, the storage deviceoperably connected to the processor and storing instructions configuredto cause the processor to: receive, via the domestic network from thesecondary appliance, purchase transaction information comprising aproduct or service selection, a purchase price amount, and a merchantidentifier; generate a purchase transaction authorization request basedon the purchase transaction information and on payment accountcredential data stored in the dedicated storage element; transmit thepurchase transaction authorization request via the Internet to thegateway server computer on behalf of the secondary Internet-connectedappliance; receive a purchase transaction authorization response via theInternet from the gateway server computer; and transmit the purchasetransaction authorization response via the domestic network to thesecondary appliance for display to a consumer.
 12. The system of claim11, wherein the storage device further comprises, prior to theinstructions for generating the purchase transaction authorizationrequest, instructions configured to cause the processor to: display aplurality of payment card accounts on a display screen for selection bythe consumer; and receive a selection of one of the plurality of paymentcard accounts for use in the purchase transaction.
 13. The system ofclaim 11, wherein the storage device further comprises, prior to theinstructions for receiving the purchase transaction information,instructions configured to cause the processor to: read, by the readerdevice, payment account credential data from at least one payment deviceof the consumer; transmit a cardholder registration request via theInternet to the gateway server computer, the cardholder registrationrequest comprising the payment account credential data and proxy dataderived from an attribute associated with the primary Internet-connectedappliance; receive a cardholder verification request from the gatewayserver computer; prompt the consumer to respond to the cardholderverification request; transmit a response received from the consumer viathe Internet to the gateway server computer; receive a cardholderauthentication message from the gateway server computer and anindication of successful registration of the cardholder's paymentaccount; prompt the consumer to enter billing and shipping address data;and store the payment account credential data in the dedicated storageelement.
 14. The system of claim 13, wherein the storage device furthercomprises, subsequent to the instructions for transmitting the consumerresponse via the Internet to the gateway server, instructions configuredto cause the processor to: receive a negative cardholder authenticationmessage; and display a registration failure message on a display screento the consumer.
 15. The system of claim 11, wherein the instructionsfor transmitting the purchase transaction authorization request furthercomprises instructions configured to cause the processor to transmit aunique identifier associated with the primary Internet-connectedappliance via the Internet to the gateway server computer.
 16. Thesystem of claim 11, wherein the primary Internet-connected appliancecomprises one of a set-top box (STB), a flat-screen television, amicrowave oven, and a refrigerator.
 17. The system of claim 11, whereinthe primary Internet-connected appliance comprises a smartphone of theconsumer.
 18. The system of claim 17, wherein the secondary appliancecomprises one of a parking garage gate or a hotel room lock.